﻿using System;
using System.Collections.Generic;
using System.Text;

namespace Soft000.Common
{
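    /// <summary>
    /// Helpers for embedding text values in SQL string literals.
    /// </summary>
    public class Sql
    {
        /// <summary>
        /// Escapes a string for use inside a single-quoted SQL string literal
        /// by doubling every single quote.
        /// </summary>
        /// <remarks>
        /// This is the only transformation applied. It does not make a value safe
        /// when it is concatenated outside a quoted literal (numeric positions,
        /// identifiers, ORDER BY columns), and it does not account for
        /// database-specific escape characters. Parameterized commands are the
        /// reliable defence against SQL injection; treat this method as a fallback
        /// for legacy call sites only.
        /// </remarks>
        /// <param name="strInput">The string to escape. May be null or empty.</param>
        /// <returns>
        /// The input with each <c>'</c> replaced by <c>''</c>; null or empty input
        /// is returned unchanged.
        /// </returns>
        public static string SqlEncode(string strInput)
        {
            if (string.IsNullOrEmpty(strInput))
            {
                return strInput;
            }

            // Strings are immutable: Replace returns a new string, so its result
            // must be returned. The earlier version discarded it and handed the
            // input back unescaped.
            return strInput.Replace("'", "''");
        }
    }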
}
